package org.dbstar.scheduler.ldap;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.dbstar.scheduler.beans.OperateType;
import org.dbstar.scheduler.control.OperateController;
import org.dbstar.scheduler.control.exception.DaoException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler;


/**
 * 用户认证失败后的处理
 * 
 * @author 代波
 * @since 1.0.0
 * @version 1.0.0
 * @date 2012-6-5
 */
public class SchedulerAuthenticationFailureHandler extends ExceptionMappingAuthenticationFailureHandler {
	private final OperateController operateController;

	public SchedulerAuthenticationFailureHandler(OperateController operateController) {
		super();
		this.operateController = operateController;
	}

	@Override
	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
			AuthenticationException exception) throws IOException, ServletException {
		super.onAuthenticationFailure(request, response, exception);
		@SuppressWarnings("deprecation")
		Authentication authentication = exception.getAuthentication();
		if (authentication != null) {
			try {
				operateController.operate(authentication.getName(), OperateType.login_failure, exception.getMessage());
			} catch (DaoException e) {
				throw new ServletException(e);
			}
		}
	}
}
